﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Routing;
using System.Web.Security;
using TGIApp.Web.Models;
using System.ServiceModel;
using System.ServiceModel.Channels;
using System.Security.Principal;

namespace TGIApp.Web.Controllers
{
    public class AccountController : Controller
    {

        //
        // GET: /Account/LogOn

        public ActionResult LogOn()
        {
            return View();
            
        }

        //
        // POST: /Account/LogOn

        [HttpPost]
        public ActionResult LogOn(LogOnModel model, string returnUrl)
        {
            // Authentication ticket remains valid across sessions.
            bool isPersistent = true;
            bool bLogin = false;

            var authService = new AuthenticationServiceClient();

            using (new OperationContextScope(authService.InnerChannel))
            {
                bLogin = authService.Login(model.UserName, model.Password, null, isPersistent);

                if (bLogin)
                {
                    var responseMessageProperty = (HttpResponseMessageProperty)
                   OperationContext.Current.IncomingMessageProperties[HttpResponseMessageProperty.Name];
                    string encryptedCookie = responseMessageProperty.Headers.Get("Set-Cookie");
                    encryptedCookie = encryptedCookie.Substring(encryptedCookie.IndexOf(".ASPXAUTH=") + 10);
                    encryptedCookie = encryptedCookie.Substring(0, encryptedCookie.IndexOf("; "));

                    FormsAuthenticationTicket ticket = FormsAuthentication.Decrypt(encryptedCookie);
                    if (null != ticket)
                    {
                        //if Cookie contains roles
                        // string[] roles = ticket.UserData.ToString().Split(',');

                        string[] roles = GetUserRoles(model.UserName);
                        string roleString = string.Empty;
                        for (int i = 0; i < roles.Length; i++)
                        {
                            roleString = roleString + "," + roles[i];
                        }
                        roleString = roleString.Substring(1);

                        FormsAuthenticationTicket newTicket = new FormsAuthenticationTicket(1, model.UserName, DateTime.Now, DateTime.Now.AddMinutes(20), isPersistent, roleString);
                        HttpContext.User = new GenericPrincipal(new FormsIdentity(newTicket), roles);
                        string encrypetedTicket = FormsAuthentication.Encrypt(newTicket);

                        HttpCookie authCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encrypetedTicket);
                        //Set the cookie's expiration time to the tickets expiration time
                        authCookie.Expires = newTicket.Expiration;
                        //Set the cookie in the Response
                        HttpContext.Response.Cookies.Add(authCookie);
                    }

                    if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
                        && !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                    {
                        return Redirect(returnUrl);
                    }
                    else
                    {
                        return RedirectToAction("Index", "Home");
                    }
                }
                else
                {
                    ModelState.AddModelError("", "The user name or password provided is incorrect.");
                }
            }
            // If we got this far, something failed, redisplay form
            return View(model);

        }

        private string[] GetUserRoles()
        {
            string[] roles;

            RoleServiceClient roleSvc = new RoleServiceClient();

            using (new OperationContextScope(roleSvc.InnerChannel))
            {
                roles = roleSvc.GetRolesForCurrentUser();

            }
            return roles;
        }
        private string[] GetUserRoles(string userName)
        {
            string[] roles;

            var svcProxy = new Proxy.ServiceProxy();

            using (new OperationContextScope(svcProxy.InnerChannel))
            {
                roles = svcProxy.GetRolesForUser(userName).ToArray();

            }
            return roles;
        }

        //
        // GET: /Account/LogOff

        public ActionResult LogOff()
        {
            FormsAuthentication.SignOut();

            return RedirectToAction("Index", "Home");
        }

        //
        // GET: /Account/Register

        public ActionResult Register()
        {
            return View();
        }

        //
        // POST: /Account/Register

        [HttpPost]
        public ActionResult Register(RegisterModel model)
        {
            if (ModelState.IsValid)
            {
                // Attempt to register the user
                MembershipCreateStatus createStatus;
                Membership.CreateUser(model.UserName, model.Password, model.Email, null, null, true, null, out createStatus);

                if (createStatus == MembershipCreateStatus.Success)
                {
                    FormsAuthentication.SetAuthCookie(model.UserName, false /* createPersistentCookie */);
                    return RedirectToAction("Index", "Home");
                }
                else
                {
                    ModelState.AddModelError("", ErrorCodeToString(createStatus));
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }

        //
        // GET: /Account/ChangePassword

        [Authorize]
        public ActionResult ChangePassword()
        {
            return View();
        }

        //
        // POST: /Account/ChangePassword

        [Authorize]
        [HttpPost]
        public ActionResult ChangePassword(ChangePasswordModel model)
        {
            if (ModelState.IsValid)
            {

                // ChangePassword will throw an exception rather
                // than return false in certain failure scenarios.
                bool changePasswordSucceeded;
                try
                {
                    MembershipUser currentUser = Membership.GetUser(User.Identity.Name, true /* userIsOnline */);
                    changePasswordSucceeded = currentUser.ChangePassword(model.OldPassword, model.NewPassword);
                }
                catch (Exception)
                {
                    changePasswordSucceeded = false;
                }

                if (changePasswordSucceeded)
                {
                    return RedirectToAction("ChangePasswordSuccess");
                }
                else
                {
                    ModelState.AddModelError("", "The current password is incorrect or the new password is invalid.");
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }

        //
        // GET: /Account/ChangePasswordSuccess

        public ActionResult ChangePasswordSuccess()
        {
            return View();
        }

        #region Status Codes
        private static string ErrorCodeToString(MembershipCreateStatus createStatus)
        {
            // See http://go.microsoft.com/fwlink/?LinkID=177550 for
            // a full list of status codes.
            switch (createStatus)
            {
                case MembershipCreateStatus.DuplicateUserName:
                    return "User name already exists. Please enter a different user name.";

                case MembershipCreateStatus.DuplicateEmail:
                    return "A user name for that e-mail address already exists. Please enter a different e-mail address.";

                case MembershipCreateStatus.InvalidPassword:
                    return "The password provided is invalid. Please enter a valid password value.";

                case MembershipCreateStatus.InvalidEmail:
                    return "The e-mail address provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.InvalidAnswer:
                    return "The password retrieval answer provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.InvalidQuestion:
                    return "The password retrieval question provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.InvalidUserName:
                    return "The user name provided is invalid. Please check the value and try again.";

                case MembershipCreateStatus.ProviderError:
                    return "The authentication provider returned an error. Please verify your entry and try again. If the problem persists, please contact your system administrator.";

                case MembershipCreateStatus.UserRejected:
                    return "The user creation request has been canceled. Please verify your entry and try again. If the problem persists, please contact your system administrator.";

                default:
                    return "An unknown error occurred. Please verify your entry and try again. If the problem persists, please contact your system administrator.";
            }
        }
        #endregion
    }
}
